CVE-2022-27666
HIGH
Linux Kernel < 5.17 - Out-of-Bounds Write
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
Exploits (3)
References (5)
Scores
CVSS v3
7.8
EPSS
0.0080
EPSS Percentile
74.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (17)
debian/debian_linux: 9.0
debian/debian_linux: 10.0
debian/debian_linux: 11.0
fedoraproject/fedora: 34
fedoraproject/fedora: 35
linux/linux_kernel: 5.17 (8 CPE variants)
linux/linux_kernel: < 5.17
netapp/h300e_firmware
netapp/h300s_firmware
netapp/h410c_firmware
... and 7 more
Published
Mar 23, 2022
Tracked Since
Feb 18, 2026